Funcionapage.com

Funcionapage.com is a new browser hijacker that poses as a legitimate search engine, and it is set to replace your browser's homepage secretly to show you promotional links in its search results. You have to remove this browser hijacker if your computer becomes infected with it for the simple reason that it does that without out your knowledge or authorization. Furthermore, it is set to show promotional links of unverified legitimacy in the search results and gather usage and other data to tailor them to make more money. Indeed, this hijacker’s primary function is to generate advertising revenue, so do not expect it to be of any use.

From the outset, we want to state that all of the information provided in this article is based on our research and supplemented by information from other sources because a dropper sample of this hijacker has yet to be found because it has been released only recently. Nevertheless, we will try to provide you with the most accurate information available and a removal guide in case it somehow has entered your PC.

Our research has revealed that this hijacker belongs to the ELEX browser hijacker family. This means that Funcionapage.com has dozens of clones that include the likes of Amisites.com and Maniihome.com. Of course, this developer has released many more browser hijackers, and it is not limited to releasing only browser hijackers as we have found that ELEX also develops various shady programs that fall into the category of potentially unwanted programs. So, as you can see, this infection comes from an established malware developer that is in the business of producing browser hijackers that generate advertising revenue from promotional links included in the search results.

We have received unverified information that Funcionapage.com comes bundled in a malicious software installer along with a potentially unwanted program known as Picexa. This program is not malicious but still undesirable so you should uninstall it as well. At any rate, Funcionapage.com should come without an accompanying browser extension. However, its privacy policy mentions a toolbar but does not provide its name. We believe that it is entirely possible for this hijacker to come with an accompanying browser extension that would manage the hijacking process, thus eliminating the need to reprogram a given installer to inject it.

Regardless of whether it comes with a browser extension or toolbar, it is set to enter your computer without your approval, so you will notice Funcionapage.com’s presence only after the infection has taken place. Nevertheless, the infection can be stopped by an anti-malware program. If you do not have such a program, then this hijacker can slip in and hijack the homepage and new tab page addresses of Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer. Once it modifies the browser settings and you start using it for processing your search queries, this hijacker can include links to promoted websites, but the legitimacy and safety of those sites is not guaranteed. Indeed, since Funcionapage.com is considered malicious and comes from an unreliable developer, it is reasonable to assume that it may engage in advertising malicious websites that can get your computer infected with more malware.

Our research has revealed that this hijacker is set to collect some information about you that includes your IP address, browser user agent, referring page, date and time stamp and cookies, and so on to tailor and personalize the promoted content to generate more advertising revenue. However, given the content that this hijacker presents you might not want to allow it to gather this information. Moreover, you may want to delete it, and we encourage doing so with the help of our instructions.

Even though we do not have a sample of this particular browser hijacker, we are aware of the extent of the modifications it is set to make. We know this because previous ELEX hijackers have made the exact changes. So please refer to the removal instructions at the end of this description to get rid of it and do not forget to check the legitimacy of the programs you think that it could have come with just to be on the safe side.

How to remove this browser hijacker

Mozilla Firefox

1. Simultaneously press Windows+E.
2. Enter C:\Users\{user name}\AppData\Roaming\Mozilla\Firefox\Profiles\{Random numbers} in the address line.
3. Locate prefs.js, right-click it and open it with Notepad.
4. Replace http://funcionapage.com in user_pref("browser.startup.homepage", " http://funcionapage.com"); with another search engine.
5. Save and Close.

Google Chrome

1. Simultaneously press Windows+E.
2. Enter C:\Users\{user name}\AppData\Local\Google\Chrome\User Data\Default in the address line.
3. Locate Preferences, Secure Preferences and Web Data files.
4. Right-click these files and open them with Notepad.
5. Replace all strings featuring http://funcionapage.com with another search engine.
6. Save and Close.

Microsoft Internet Explorer

1. Simultaneously press Windows+R.
2. Enter regedit in the dialog box.
3. Click OK.
4. In the Registry Editor, go to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
5. Locate Start Page and right-click it.
6. Select Modify.
7. Replace http://funcionapage.com with another search engine.
8. Click OK and Close the Registry Editor.